Re: Audit trails

IO ERROR (error@error.net)
Tue, 26 Nov 1996 07:34:33 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Glenn C. Everhart 603 881 1497: "Re: Signs of an Intruder"
Previous message: Quantum: "RE: Signs of an Intruder"
In reply to: Tim Walding: "Re: Audit trails"

On Sun, 24 Nov 1996, Tim Walding wrote:
> Actually, AIX has quite good auditing features for Unix.  It can include
> quite a bit of detail, including what commands a particular user is using 
> and at what time.  Almost noone uses the entire auditing features because
> it gives too much information and can slow the system response time noticably.

True, but if you're trying to watch particular users or areas of the system for
suspicious activity, such as a hacker, then these sorts of audit trails are
just what the doctor ordered.  For the benefit of those of us without access to
AIX, could you give us a brief description of the sorts of auditing that is
available?

--
Michael Hampton      Crossroads Communications            System Administrator
error@error.net      318 E Burlington, Iowa City, IA 52240      (319) 354-6614

Next message: Glenn C. Everhart 603 881 1497: "Re: Signs of an Intruder"
Previous message: Quantum: "RE: Signs of an Intruder"
In reply to: Tim Walding: "Re: Audit trails"